Hi Eric,
The following patch causes the IE6 installer to crash. Thanks to Rob for figuring out which patch caused the problem very quickly :)
Mike
Log message:
Eric Pouech pouech-eric@wanadoo.fr
- msvcrt: the file descriptors are now inherited between parent/child processes
- kernel32.CreateProcess: make use of the *reserved2 fields for C-RunTime data inheritance
http://www.winehq.org/hypermail/wine-cvs/2004/09/0039.html
...
001f:Call kernel32.GetStartupInfoA(77adfca4) ret=500b34f6
001f:Ret kernel32.GetStartupInfoA() retval=77adfca4 ret=500b34f6
trace:seh:EXC_RtlRaiseException code=c0000005 flags=0 addr=0x500b354f
trace:seh:EXC_RtlRaiseException info[0]=00000000
trace:seh:EXC_RtlRaiseException info[1]=780704e4
trace:seh:EXC_RtlRaiseException eax=00570000 ebx=77efd6e8 ecx=00000040 edx=77b004e0 esi=780704e4 edi=500c7ab8
trace:seh:EXC_RtlRaiseException ebp=77adfcec esp=77adfc98 cs=0073 ds=007b es=007b fs=0033 gs=0000 flags=00210202
trace:seh:EXC_CallHandler calling handler at 0x77c0e240 code=c0000005 flags=0
Mike McCormack wrote:
Hi Eric,
The following patch causes the IE6 installer to crash. Thanks to Rob for figuring out which patch caused the problem very quickly :)
Mike
Log message:
Eric Pouech pouech-eric@wanadoo.fr
- msvcrt: the file descriptors are now inherited between parent/child processes
- kernel32.CreateProcess: make use of the *reserved2 fields for C-RunTime data inheritance
http://www.winehq.org/hypermail/wine-cvs/2004/09/0039.html
...
001f:Call kernel32.GetStartupInfoA(77adfca4) ret=500b34f6
001f:Ret kernel32.GetStartupInfoA() retval=77adfca4 ret=500b34f6
trace:seh:EXC_RtlRaiseException code=c0000005 flags=0 addr=0x500b354f
trace:seh:EXC_RtlRaiseException info[0]=00000000
trace:seh:EXC_RtlRaiseException info[1]=780704e4
trace:seh:EXC_RtlRaiseException eax=00570000 ebx=77efd6e8 ecx=00000040 edx=77b004e0 esi=780704e4 edi=500c7ab8
trace:seh:EXC_RtlRaiseException ebp=77adfcec esp=77adfc98 cs=0073 ds=007b es=007b fs=0033 gs=0000 flags=00210202
trace:seh:EXC_CallHandler calling handler at 0x77c0e240 code=c0000005 flags=0
could you be more precise on the crash:
- where does it take place ?
- are you running native msvcrt or builtin ?
- does IE6 installer use msvcrt at all ?
- does this error arise from a child process ? if so, which parameters are given in CreateProcess. Is the parent process using msvcrt (native, builtin) ?
- does fixing the copy&paste error in dlls/kernel/environ.c at ENV_CopyStartupInformation (startup_infoA.cb should be sizeof(startup_infoA) not sizeof(startup_infoW)) help somewhere ?
A+
Eric Pouech wrote:
could you be more precise on the crash:
- where does it take place ?
OK, I've included the full backtrace below.
- are you running native msvcrt or builtin ?
Seems like the process has neither loaded.
- does IE6 installer use msvcrt at all ?
I don't think so. In any case, there's no msvcrt.dll in Windows\System at this stage of the install.
- does this error arise from a child process ? if so, which parameters
are given in CreateProcess. Is the parent process using msvcrt (native, builtin) ?
Yes, it's from a child process.
001d:Call kernel32.CreateProcessA(00000000,77adf880 "acmsetup /T nashbase.stf /S C:\Windows\msdownld.tmp\A S02A93E.tmp\ /QT /g "C:\Windows\IE Setup Log.Txt"",00000000,00000000,00000000,00000000,00000000,00000000, 77adf7f4,77adf854) ret=010012da
I've put a full log at:
http://mandoo.dyndns.org/ie6-setup-crash.log.gz
- does fixing the copy&paste error in dlls/kernel/environ.c at
ENV_CopyStartupInformation (startup_infoA.cb should be sizeof(startup_infoA) not sizeof(startup_infoW)) help somewhere ?
No. The (incorrect) patch below fixes the problem. My guess is that IE6 is using the reserved fields somehow.
Mike
diff -u -r1.1.1.2 environ.c --- dlls/kernel/environ.c 8 Sep 2004 02:31:38 -0000 1.1.1.2 +++ dlls/kernel/environ.c 23 Oct 2004 06:05:47 -0000 @@ -462,8 +462,8 @@ startup_infoA.dwFillAttribute = rupp->dwFillAttribute; startup_infoA.dwFlags = rupp->dwFlags; startup_infoA.wShowWindow = rupp->wShowWindow; - startup_infoA.cbReserved2 = rupp->RuntimeInfo.Length; - startup_infoA.lpReserved2 = (void*)rupp->RuntimeInfo.Buffer; + startup_infoA.cbReserved2 = 0; + startup_infoA.lpReserved2 = 0; startup_infoA.hStdInput = rupp->hStdInput; startup_infoA.hStdOutput = rupp->hStdOutput; startup_infoA.hStdError = rupp->hStdError;
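Review bot: Hard-coding startup_infoA.cbReserved2 = 0 and startup_infoA.lpReserved2 = 0 in the @@ -462,8 hunk drops rupp->RuntimeInfo for every process, so a child never sees whatever its parent passed through the reserved2 fields; that is useful for narrowing the fault down but not something to commit. I would keep the two original assignments and instead check, at the place where RuntimeInfo is filled in, that RuntimeInfo.Length is the real byte size of what RuntimeInfo.Buffer points to, since code reading lpReserved2 will trust cbReserved2 as the length. A short comment above the pair saying what the block carries would also help.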
Unhandled exception: page fault on read access to 0x77fd04e4 in 32-bit code (0x500b354f).
In 32 bit mode.
Register dump:
 CS:0073 SS:007b DS:007b ES:007b FS:0033 GS:0000
 EIP:500b354f ESP:77adfd3c EBP:77adfd90 EFLAGS:00210202( - 00 - -RI1)
 EAX:004d0000 EBX:77efd748 ECX:00000040 EDX:77b004e0
 ESI:77fd04e4 EDI:500c7ab8
Stack dump:
0x77adfd3c: 00000001 00000001 77efd748 00000044
0x77adfd4c: 00000000 00000000 00000000 00000000
0x77adfd5c: 00000000 00000000 00000000 00000000
0x77adfd6c: 00000000 00000000 00000000 00000000
0x77adfd7c: 77b004e0 00000008 0000000c 00000010
0x77adfd8c: 004d0000 77adfdb0 500b20e3 500b218b
Backtrace:
=>1 0x500b354f (0x77adfd90)
  2 0x500b20e3 (0x77adfdb0)
  3 0x77ec7bae call_dll_entry_point+0x12 in ntdll (0x77adfdc8)
  4 0x77ec8dbd MODULE_InitDLL+0xfd(wm=0x77c20c18, reason=0x1, lpReserved=0x1) [/home/mike/codeweavers/office/wine/dlls/ntdll/loader.c:741] in ntdll (0x77adfe38)
  5 0x77ec8fc7 process_attach+0x107(wm=0x77c20c18, lpReserved=0x1) [/home/mike/codeweavers/office/wine/dlls/ntdll/loader.c:814] in ntdll (0x77adfe5c)
  6 0x77ec8ffd process_attach+0x13d(wm=0x77c20690, lpReserved=0x1) [/home/mike/codeweavers/office/wine/dlls/ntdll/loader.c:806] in ntdll (0x77adfe7c)
  7 0x77ecb473 LdrInitializeThunk+0x203(main_file=0x4, unknown2=0x0, unknown3=0x0, unknown4=0x0) [/home/mike/codeweavers/office/wine/dlls/ntdll/loader.c:1913] in ntdll (0x77adff20)
  8 0x77b8828d start_process+0x9d(arg=0x0) [/home/mike/codeweavers/office/wine/dlls/kernel/process.c:1012] in kernel32 (0x77adfff4)
  9 0xb7fd4dfd wine_switch_to_stack+0x11 in libwine.so.1 (0x00000000)
0x500b354f: repe movsl (%esi),%es:(%edi)
Modules:
Module Address Debug info Name (52 modules)
PE 0x00400000-0045c000 Deferred acmsetup
PE 0x50090000-500d8000 Export mssetup
PE 0x65f00000-65fc2000 Deferred ole32
ELF 0x77607000-776b1000 Deferred comctl32<elf>
 -PE 0x77620000-776b1000 \ comctl32
ELF 0x776b1000-77708000 Deferred shlwapi<elf>
 -PE 0x776d0000-77708000 \ shlwapi
ELF 0x77708000-777bb000 Deferred shell32<elf>
 -PE 0x77720000-777bb000 \ shell32
ELF 0x777bb000-777d1000 Deferred lz32<elf>
 -PE 0x777c0000-777d1000 \ lz32
ELF 0x777d1000-777eb000 Deferred version<elf>
 -PE 0x777e0000-777eb000 \ version
ELF 0x777eb000-77809000 Deferred mpr<elf>
 -PE 0x777f0000-77809000 \ mpr
ELF 0x77809000-7788c000 Deferred gdi32<elf>
 -PE 0x77820000-7788c000 \ gdi32
ELF 0x7788c000-779a9000 Deferred user32<elf>
 -PE 0x778b0000-779a9000 \ user32
ELF 0x779a9000-779e0000 Deferred advapi32<elf>
 -PE 0x779c0000-779e0000 \ advapi32
ELF 0x77b10000-77c20000 Stabs kernel32<elf>
 -PE 0x77b40000-77c20000 \ kernel32
ELF 0x77d3c000-77d51000 Deferred libnsl.so.1
ELF 0x77d51000-77d5d000 Deferred libnss_compat.so.2
ELF 0x77d69000-77d8c000 Deferred libm.so.6
ELF 0x77d98000-77e8b000 Deferred libwine_unicode.so.1
ELF 0x77e8b000-77f00000 Stabs ntdll<elf>
 -PE 0x77eb0000-77f00000 \ ntdll
ELF 0x77f00000-77f07000 Deferred <wine-loader>
ELF 0x7fc8a000-7fca8000 Deferred imm32<elf>
 -PE 0x7fc90000-7fca8000 \ imm32
ELF 0x7fca8000-7fcc6000 Deferred ximcp.so.2
ELF 0x7fd0a000-7fd0e000 Deferred libxrandr.so
ELF 0x7fd1a000-7fd22000 Deferred libxrender.so.1
ELF 0x7fd22000-7fd2b000 Deferred libxcursor.so.1
ELF 0x7fd2b000-7fd7c000 Deferred libpthread.so.0
ELF 0x7fd7c000-7fdef000 Deferred libgl.so.1
ELF 0x7fdef000-7feb6000 Deferred libx11.so.6
ELF 0x7feb6000-7fec4000 Deferred libxext.so.6
ELF 0x7fec4000-7fec9000 Deferred libxv.so.1
ELF 0x7fec9000-7fee0000 Deferred libice.so.6
ELF 0x7fee0000-7fee9000 Deferred libsm.so.6
ELF 0x7fef2000-7fef5000 Deferred xlcdef.so.2
ELF 0x7fef5000-7ff78000 Deferred x11drv<elf>
 -PE 0x7ff10000-7ff78000 \ x11drv
ELF 0x7ff78000-7ff85000 Deferred libz.so.1
ELF 0x7ff91000-80000000 Deferred libcxfreetype.so
ELF 0xb7e8b000-b7e8e000 Deferred libdl.so.2
ELF 0xb7e8e000-b7fc4000 Deferred libc.so.6
ELF 0xb7fd0000-b7fe9000 DIA libwine.so.1
ELF 0xb7fea000-b8000000 Deferred ld-linux.so.2
Threads:
process tid prio (all id:s are in hex)
0000001e (D) C:\Windows\msdownld.tmp\AS004145.tmp\acmsetup.exe
 0000001f 0 <==
0000001c
 0000001d 0
0000000a
 00000017 0
 00000014 0
 00000011 0
 0000000b 0
00000008
 00000009 0
WineDbg terminated on pid 0x1e
Mike McCormack wrote:
Eric Pouech wrote:
I don't think so. In any case, there's no msvcrt.dll in Windows\System at this stage of the install.
yes, but there's one installed in the download area, and it's loaded. From the traces:
0022:Call PE DLL (proc=0x7e566d62,module=0x7e560000 L"msvcrt.dll",reason=PROCESS_ATTACH,res=(nil))
0022:Ret PE DLL (proc=0x7e566d62,module=0x7e560000 L"msvcrt.dll",reason=PROCESS_ATTACH,res=(nil)) retval=1
0022:Call msvcrt.malloc(00000080) ret=0040153a
0022:Ret msvcrt.malloc() retval=77d1b878 ret=0040153a
0022:Call msvcrt._initterm(00402000,00402004) ret=00401564
0022:Ret msvcrt._initterm() retval=00000000 ret=00401564
0022:Call msvcrt.free(77d1b878) ret=004015a6
0022:Ret msvcrt.free() retval=00000001 ret=004015a6
0022:Call PE DLL (proc=0x7e566d62,module=0x7e560000 L"msvcrt.dll",reason=PROCESS_DETACH,res=(nil))
0022:Ret PE DLL (proc=0x7e566d62,module=0x7e560000 L"msvcrt.dll",reason=PROCESS_DETACH,res=(nil)) retval=1
But, it seems the issue appears afterwards, so that shouldn't be an issue.
No. The (incorrect) patch below fixes the problem. My guess is that IE6 is using the reserved fields somehow.
Very likely. There was a bug in the way the size of runtime info was passed. The attached patch fixes it. Does it help ?
A+
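An added example, not code from this thread or from Wine: a receiver-side check that the length handed over in cbReserved2 really covers the block lpReserved2 points to before anything is copied out of it, which is the kind of size mismatch discussed above. The block layout (32-bit count, then one flag byte per descriptor, then one 4-byte handle per descriptor), the MAX_FDS limit and all function names are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_FDS 2048u   /* assumed upper bound, chosen for this example */

struct fd_entry { uint8_t flags; uint32_t handle; };

/* Assumed 32-bit layout: uint32 count | count flag bytes | count 4-byte handles.
 * Returns the number of entries copied to out, 0 if no block was passed,
 * -1 if the declared count does not fit in the cb bytes actually supplied. */
int parse_inherit_block(const uint8_t *buf, size_t cb,
                        struct fd_entry *out, size_t max_out)
{
    uint32_t count;
    size_t need;

    if (buf == NULL || cb == 0)
        return 0;                        /* parent passed nothing */
    if (cb < sizeof(count))
        return -1;                       /* too short to hold the count */
    memcpy(&count, buf, sizeof(count));  /* block may be unaligned */
    if (count > MAX_FDS || count > max_out)
        return -1;
    need = sizeof(count) + (size_t)count * (1 + sizeof(uint32_t));
    if (need > cb)
        return -1;                       /* length and content disagree */

    const uint8_t *flags = buf + sizeof(count);
    const uint8_t *handles = flags + count;
    for (uint32_t i = 0; i < count; i++) {
        out[i].flags = flags[i];
        memcpy(&out[i].handle, handles + (size_t)i * 4, 4);
    }
    return (int)count;
}

/* Constructed sample block: 3 descriptors, flag byte 0x01, made-up handles. */
size_t build_sample(uint8_t *buf)
{
    const uint32_t count = 3, h[3] = { 0x10, 0x14, 0x18 };
    memcpy(buf, &count, 4);
    memset(buf + 4, 0x01, 3);
    memcpy(buf + 7, h, sizeof(h));
    return 4 + 3 + sizeof(h);            /* 19 bytes in total */
}
```

A block whose declared count needs more bytes than the sender reported is rejected outright instead of being copied, so a wrong length on the parent side shows up as an error return rather than a read past the buffer.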